An Embedded Fingerprint Authentication System Integrated with a Hardware-Based Truly Random Number Generator
Recent advances in information security requires randomly selected strong keys. Most of these keys are generated by software-based random number generators. However, implementing a Truly Random Number Generator (TRNG) without using a hardware-supported platform is not reliable. In this paper, a fingerprint authentication system using a hardware-based TRNG to produce a private key that encrypts the fingerprint template of a person is presented. The designed hardware can easily be mounted on a standard or embedded PC via its PCI interface to produce random number keys. Random numbers forming the private key is guaranteed to be true because it passes a two-level randomness test evaluated first on the FPGA then on the PC by applying the full NIST test suite. The whole system implements an AES-based encryption scheme to store the person’s secret stored on a smart or glossary card safely. The main contribution of the work is the use of new-generation hardware-based TRNGs to enhance the security of a fingerprint authentication system.
KeywordsRandom Number Generator Authentication Scheme Advance Encryption Standard Authentication System Fast Oscillator
Unable to display preview. Download preview PDF.
- 3.Jun, B., Kocher, P.: The Intel Random Number Generator. Cryptography Research, Inc. white paper prepared for Inter Corp. (1999), http://www.cryptography.com/resources/whitepapers/IntelRNG.pdf
- 4.Menezes, A., Oorschot, P.V., Vanstone, S.: Handbook of Applied Cryptology. CRC Press, Boca Raton, USA (1996)Google Scholar
- 5.Schneier, B.: Applied Cryptography, 2nd edn. John Wiley & Sons Ltd, West Sussex, England (1996)Google Scholar
- 11.Von Neumann, J.: Various Techniques Used in Connection With Random Digits. In: Forsythe, G.E.(ed.) National Bureau of Standards, Applied Math Series - Notes, vol. 12, pp. 36–38 (1951)Google Scholar
- 12.National Institute of Standard and Technology.: A Statistical Test Suite for Random and Pseudo Random Number Generators for Cryptographic Applications. NIST 800-22 (2001), http://csrc.nist.gov/rng/SP800-22b.pdf